xref: /freebsd/tests/sys/netinet/forward.sh (revision 9f44a47fd07924afc035991af15d84e6585dea4f)
1#!/usr/bin/env atf-sh
2#-
3# SPDX-License-Identifier: BSD-2-Clause
4#
5# Copyright (c) 2020 Alexander V. Chernikov
6#
7# Redistribution and use in source and binary forms, with or without
8# modification, are permitted provided that the following conditions
9# are met:
10# 1. Redistributions of source code must retain the above copyright
11#    notice, this list of conditions and the following disclaimer.
12# 2. Redistributions in binary form must reproduce the above copyright
13#    notice, this list of conditions and the following disclaimer in the
14#    documentation and/or other materials provided with the distribution.
15#
16# THIS SOFTWARE IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS ``AS IS'' AND
17# ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
18# IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
19# ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
20# FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
21# DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
22# OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
23# HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
24# LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
25# OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
26# SUCH DAMAGE.
27#
28# $FreeBSD$
29#
30
31. $(atf_get_srcdir)/../common/vnet.subr
32
33atf_test_case "fwd_ip_icmp_iface_fast_success" "cleanup"
34fwd_ip_icmp_iface_fast_success_head() {
35
36	atf_set descr 'Test valid IPv4 on-stick fastforwarding to iface'
37	atf_set require.user root
38	atf_set require.progs scapy
39}
40
41fwd_ip_icmp_iface_fast_success_body() {
42
43	vnet_init
44
45	ip4a="192.0.2.1"
46	ip4b="192.0.2.2"
47	plen=29
48	src_ip="192.0.2.3"
49
50	script_name="../common/sender.py"
51
52	epair=$(vnet_mkepair)
53	ifconfig ${epair}a up
54	ifconfig ${epair}a inet ${ip4a}/${plen}
55
56	jname="v4t-fwd_ip_icmp_iface_fast_success"
57	vnet_mkjail ${jname} ${epair}b
58	jexec ${jname} ifconfig ${epair}b up
59	jexec ${jname} ifconfig ${epair}b inet ${ip4b}/${plen}
60
61	# Get router ip/mac
62	jail_ip=${ip4b}
63	jail_mac=`jexec ${jname} ifconfig ${epair}b ether | awk '$1~/ether/{print$2}'`
64
65	our_mac=`ifconfig ${epair}a ether | awk '$1~/ether/{print$2}'`
66
67	jexec ${jname} sysctl net.inet.ip.forwarding=1
68	# As we're doing router-on-the-stick, turn sending IP redirects off:
69	jexec ${jname} sysctl net.inet.ip.redirect=0
70
71	# echo "LOCAL: ${local_ip} ${local_mac}"
72	# echo "REMOTE: ${remote_rtr_ip} ${remote_rtr_mac}"
73
74	atf_check -s exit:0 $(atf_get_srcdir)/${script_name} \
75		--test_name fwd_ip_icmp_fast \
76		--smac ${our_mac} --dmac ${jail_mac} \
77		--sip ${src_ip} --dip ${ip4a} \
78		--iface ${epair}a
79
80	# check counters are valid
81	atf_check -o match:'1 packet forwarded \(1 packet fast forwarded\)' jexec ${jname} netstat -sp ip
82}
83
84fwd_ip_icmp_iface_fast_success_cleanup() {
85
86	vnet_cleanup
87}
88
89atf_test_case "fwd_ip_icmp_gw_fast_success" "cleanup"
90fwd_ip_icmp_gw_fast_success_head() {
91
92	atf_set descr 'Test valid IPv4 on-stick fastforwarding to gw'
93	atf_set require.user root
94	atf_set require.progs scapy
95}
96
97fwd_ip_icmp_gw_fast_success_body() {
98
99	vnet_init
100
101	ip4a="192.0.2.1"
102	ip4b="192.0.2.2"
103	plen=29
104	src_ip="192.0.2.3"
105	dst_ip="192.0.2.4"
106
107	script_name="../common/sender.py"
108
109	epair=$(vnet_mkepair)
110	ifconfig ${epair}a up
111	ifconfig ${epair}a inet ${ip4a}/${plen}
112
113	jname="v4t-fwd_ip_icmp_gw_fast_success"
114	vnet_mkjail ${jname} ${epair}b
115	jexec ${jname} ifconfig ${epair}b up
116	jexec ${jname} ifconfig ${epair}b inet ${ip4b}/${plen}
117
118	# Get router ip/mac
119	jail_ip=${ip4b}
120	jail_mac=`jexec ${jname} ifconfig ${epair}b ether | awk '$1~/ether/{print$2}'`
121
122	our_mac=`ifconfig ${epair}a ether | awk '$1~/ether/{print$2}'`
123
124	jexec ${jname} sysctl net.inet.ip.forwarding=1
125	# As we're doing router-on-the-stick, turn sending IP redirects off:
126	jexec ${jname} sysctl net.inet.ip.redirect=0
127
128	# Add host route
129	jexec ${jname} route -4 add -host ${dst_ip} ${ip4a}
130
131	# echo "LOCAL: ${local_ip} ${local_mac}"
132	# echo "REMOTE: ${remote_rtr_ip} ${remote_rtr_mac}"
133
134	atf_check -s exit:0 $(atf_get_srcdir)/${script_name} \
135		--test_name fwd_ip_icmp_fast \
136		--smac ${our_mac} --dmac ${jail_mac} \
137		--sip ${src_ip} --dip ${dst_ip} \
138		--iface ${epair}a
139
140	# check counters are valid
141	atf_check -o match:'1 packet forwarded \(1 packet fast forwarded\)' jexec ${jname} netstat -sp ip
142}
143
144fwd_ip_icmp_gw_fast_success_cleanup() {
145
146	vnet_cleanup
147}
148
149atf_test_case "fwd_ip_icmp_iface_slow_success" "cleanup"
150fwd_ip_icmp_iface_slow_success_head() {
151
152	atf_set descr 'Test valid IPv4 on-stick "slow" forwarding to iface'
153	atf_set require.user root
154	atf_set require.progs scapy
155}
156
157fwd_ip_icmp_iface_slow_success_body() {
158
159	vnet_init
160
161	ip4a="192.0.2.1"
162	ip4b="192.0.2.2"
163	plen=29
164	src_ip="192.0.2.3"
165
166	script_name="../common/sender.py"
167
168	epair=$(vnet_mkepair)
169	ifconfig ${epair}a up
170	ifconfig ${epair}a inet ${ip4a}/${plen}
171
172	jname="v4t-fwd_ip_icmp_iface_slow_success"
173	vnet_mkjail ${jname} ${epair}b
174	jexec ${jname} ifconfig ${epair}b up
175	jexec ${jname} ifconfig ${epair}b inet ${ip4b}/${plen}
176
177	# Get router ip/mac
178	jail_ip=${ip4b}
179	jail_mac=`jexec ${jname} ifconfig ${epair}b ether | awk '$1~/ether/{print$2}'`
180
181	our_mac=`ifconfig ${epair}a ether | awk '$1~/ether/{print$2}'`
182
183	jexec ${jname} sysctl net.inet.ip.forwarding=1
184	# As we're doing router-on-the-stick, turn sending IP redirects off:
185	jexec ${jname} sysctl net.inet.ip.redirect=0
186
187	# Generate packet with options to force slow-path
188	atf_check -s exit:0 $(atf_get_srcdir)/${script_name} \
189		--test_name fwd_ip_icmp_slow \
190		--smac ${our_mac} --dmac ${jail_mac} \
191		--sip ${src_ip} --dip ${ip4a} \
192		--iface ${epair}a
193
194	# check counters are valid
195	atf_check -o match:'1 packet forwarded \(0 packets fast forwarded\)' jexec ${jname} netstat -sp ip
196}
197
198fwd_ip_icmp_iface_slow_success_cleanup() {
199
200	vnet_cleanup
201}
202
203atf_test_case "fwd_ip_icmp_gw_slow_success" "cleanup"
204fwd_ip_icmp_gw_slow_success_head() {
205
206	atf_set descr 'Test valid IPv4 on-stick "slow" forwarding to gw'
207	atf_set require.user root
208	atf_set require.progs scapy
209}
210
211fwd_ip_icmp_gw_slow_success_body() {
212
213	vnet_init
214
215	ip4a="192.0.2.1"
216	ip4b="192.0.2.2"
217	plen=29
218	src_ip="192.0.2.3"
219	dst_ip="192.0.2.4"
220
221	script_name="../common/sender.py"
222
223	epair=$(vnet_mkepair)
224	ifconfig ${epair}a up
225	ifconfig ${epair}a inet ${ip4a}/${plen}
226
227	jname="v4t-fwd_ip_icmp_gw_slow_success"
228	vnet_mkjail ${jname} ${epair}b
229	jexec ${jname} ifconfig ${epair}b up
230	jexec ${jname} ifconfig ${epair}b inet ${ip4b}/${plen}
231
232	# Get router ip/mac
233	jail_ip=${ip4b}
234	jail_mac=`jexec ${jname} ifconfig ${epair}b ether | awk '$1~/ether/{print$2}'`
235
236	our_mac=`ifconfig ${epair}a ether | awk '$1~/ether/{print$2}'`
237
238	jexec ${jname} sysctl net.inet.ip.forwarding=1
239	# As we're doing router-on-the-stick, turn sending IP redirects off:
240	jexec ${jname} sysctl net.inet.ip.redirect=0
241
242	# Add host route
243	jexec ${jname} route -4 add -host ${dst_ip} ${ip4a}
244
245	# echo "LOCAL: ${local_ip} ${local_mac}"
246	# echo "REMOTE: ${remote_rtr_ip} ${remote_rtr_mac}"
247
248	atf_check -s exit:0 $(atf_get_srcdir)/${script_name} \
249		--test_name fwd_ip_icmp_fast \
250		--smac ${our_mac} --dmac ${jail_mac} \
251		--sip ${src_ip} --dip ${dst_ip} \
252		--iface ${epair}a
253
254	# check counters are valid
255	atf_check -o match:'1 packet forwarded \(1 packet fast forwarded\)' jexec ${jname} netstat -sp ip
256}
257
258fwd_ip_icmp_gw_slow_success_cleanup() {
259
260	vnet_cleanup
261}
262
263atf_init_test_cases()
264{
265
266	atf_add_test_case "fwd_ip_icmp_iface_fast_success"
267	atf_add_test_case "fwd_ip_icmp_gw_fast_success"
268	atf_add_test_case "fwd_ip_icmp_iface_slow_success"
269	atf_add_test_case "fwd_ip_icmp_gw_slow_success"
270}
271
272# end
273
274